Nuage Networks from Nokia

Nuage Networks, Red Hat 2016 Industry Solution Partner of the Year, has partnered with Red Hat to deliver SDN-based hybrid cloud solutions that maximize the effectiveness of the datacenter infrastructure by making them more agile, flexible and automated. Now Nuage Networks provides support for Red Hat OpenShift cloud environments, including taking advantage of the full Red Hat cloud stack, including Kubernetes container cluster management.

Features and Benefits

Virtualized Services Controller

Virtualized Services Controller (VSC) serves as the robust control plane of the datacenter network, maintaining a full per-tenant view of network and service topologies. Through network APIs using interfaces such as Openflow, the VSC programs the datacenter network independent of datacenter networking hardware.

Virtualized Services Directory

Virtualized Services Directory (VSD) serves as a policy, business logic and analytics engine for the abstract definition of network services. Through RESTful APIs to the VSD, administrators can define and refine service designs and incorporate enterprise policies.

Virtual Routing and Switching

Virtual Routing and Switching (VRS) is a module that serves as a virtual endpoint for network services. Through the VRS, changes in the compute environment are immediately detected, triggering instantaneous policy-based responses in network connectivity to ensure that the needs of applications are met.

The Nuage Networks™ Virtualized Services Platform (VSP) is a comprehensive solution that makes the network as readily consumable as the compute resources. It does this by providing the missing link to ensure rapid and efficient delivery of highly customizable application services, in and across multi-tenant data centers. The Nuage Networks VSP enables the deployment of massively scalable cloud-based services with the agility and performance demanded by highly dynamic application environments.

What is the Nuage Networks VSP?

The Nuage Networks VSP is a Software-Defined Networking (SDN) solution that virtualizes any DC network infrastructure and automatically establishes connectivity between compute resources upon their creation. Leveraging programmable business logic and a powerful policy engine, the Nuage Networks VSP provides an open and highly responsive solution that scales to meet the stringent needs of massive multi-tenant DCs. The Nuage Networks VSP is a software solution that can be deployed over existing DC network fabrics.

Cloud deployment of complex applications requires more than simple L2 connectivity. To meet these needs, the Nuage Networks VSP deploys the full range of L2-L4 networking services on a per-tenant or per-application basis using overlay technologies. This ensures each application gets the services required, and is not forced into a basic L2 VLAN connectivity.

Introducing Nuage Networks VSP for OpenShift

Nuage Networks VSP is now available to support Docker-based applications running on the Red Hat OpenShift PaaS solution to accelerate the provisioning of virtual networks between pods and traditional workloads, and to enable security policies across the entire cloud infrastructure. VSP allows for the automation of security appliances to include granular security and microsegmentation policies for container apps.

Nuage Networks VSP is a policy-based automation and virtual networking platform that is ideally suited for heterogeneous environments, unifying SDN policies across cloud platforms and server virtualization technologies. Nuage Networks can consolidate network and security policy requirements independent of the hypervisor or container format they are running, the infrastructure or the cloud management system.

VSP and OpenShift Integration

VSP is integrated into the OpenShift application workflow, which triggers events in the Nuage Networks system; similar to the way a VM Orchestrator’s events trigger virtual network configurations between virtual machines. VSP provides a networking plug-in running on the OpenShift master, which connect the OpenShift platform to the two main VSP controller components: the Virtualized Services Controller (VSC) and the Virtualized Services Directory (VSD). VSC and VSD maintain the higher-level network and security policies and configure the relevant network devices and virtual switches to automate and provision the required overlay connectivity.

OpenShift relies on Kubernetes to launch container pods and configure the localhost networking between containers. VSP provides a network exec plug-in running on the OpenShift nodes (the Kubernetes Minions) that is invoked during pod lifecycle events, such as creation and destruction. The VSP plug-ins on the OpenShift nodes and the OpenShift master share the policy configurations and lifecycle events with the VSP controllers as well as the local VSP virtual switch (VRS), as needed.

Security Services in Nuage Networks VSP

While SDN has always delivered policy-based automation for network devices, applying the same techniques to multi-tenant cloud environments is a more urgent requirement because security policies (compared to network policies) are likely more complex, more application-specific, change more frequently, and encompass a wider range of devices from multiple vendors. As organizations evolve their data centers and applications to the cloud and containers, the security operations are likely to overwhelm even before network issues dictate an evolution to SDN.

In multi-tenant cloud environments, there is a requirement for “microsegmentation”, i.e., enforcing security policies at a very granular level, between individual workloads and applications. Nuage Networks VSP brings these sophisticated security policies to OpenShift-based environments. Policies can be enforced between Kubernetes pods, or between pods and VM or bare-metal workloads, in a consistent fashion, ensuring compliance objectives across all environments.